[BreachExchange] Point Sadly Proven: WannaCry Ransomware (And The Rest) Shows Why Enterprises Need To Plan For Chaos
Audrey McNeil
audrey at riskbasedsecurity.com
Thu Aug 10 20:01:40 EDT 2017
http://www.businesscomputingworld.co.uk/point-sadly-proven-wannacry-
ransomware-and-the-rest-shows-why-enterprises-need-to-plan-for-chaos/
While the WannaCry ransomware infections now seem to be declining from
their peak last month, the chaos following the global attack is far from
over. The malware that swept around the world infected more than 300,000
computers in 100 countries, and continues to hit companies such as Honda,
shutting down production.
In the UK, NHS hospitals were particularly badly hit – possibly because of
a reliance on an older version of Windows – and many are still dealing with
the aftermath. Like many computer worms, the WannaCry malicious code
replicates and spreads itself among networked computers, causing untold
havoc within large organisations that rely on vast computer infrastructure
– such as the NHS.
And if that wasn’t enough, whilst recovering from the WannaCry attack, many
organisations found themselves in the firing line once again, when the
Petyawrap (or NotPetya) infection – so named because it masquerades as the
Petya ransomware – was unleashed last month. The malware exploded across
the world at the end of June, taking out organisations from banks to
electricity grids.
This successive attack is further proof that modern IT infrastructures are
incredibly vulnerable. But it doesn’t mean that enterprises are
defenceless. Attacks like Pertyawrap and WannaCry are only going to
increase in frequency and severity unless companies take proactive action
that brings order to an otherwise chaotic environment, improving the
security of the information systems they maintain in the process.
Luckily, there are solutions that bypass this complexity and transform a
“chaotic” enterprise network environment into a more secure and compliant
network.
An automated approach to network segmentation is one of the solutions.
Complexity is the reality of today’s enterprise networks. Multiple vendors
and platforms, physical networks, and hybrid cloud, not to mention network
devices and the rules that manage those devices. That’s just half the
challenge. Now combine that scenario with the fast pace of change that is
required to keep a network operating securely and optimally, with the added
potential for human error or misconfigurations, and the level of
complexity, and indeed threat, increases even more.
Proper network segmentation divides a network into different security zones
which limits the exposure that an attacker would have in the event that the
network is breached.
Nevertheless, the reality of a dynamic environment which requires ongoing
changes to application connectivity implies a high risk of configuration
errors. The potential consequence of such errors is sub-optimal
segmentation, which means that events can unfold quickly and escalate into
an attack – such as WannaCry – finding its way into your network via just
one overlooked open port. This is particularly the case when it comes to
poorly managed firewalls.
Applying automation to network segmentation allows security managers to
ensure that the network segmentation is maintained throughout all changes
without slowing down the business. So, with IT professionals facing a
double whammy of network complexity and increased security threats, our
advice is to make sure you plan for chaos and put in place measures that
bring order to an otherwise chaotic IT environment.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.riskbasedsecurity.com/pipermail/breachexchange/attachments/20170810/9c9041c2/attachment.html>
More information about the BreachExchange
mailing list